package com.luoyuanxiangvip.admin.controller;

import com.luoyuanxiangvip.admin.core.jwt.JwtToken;
import com.luoyuanxiangvip.admin.core.shiro.AuthToken;
import com.luoyuanxiangvip.admin.core.utils.Sha256Util;
import com.luoyuanxiangvip.admin.core.vo.JwtVo;
import com.luoyuanxiangvip.admin.core.vo.LoginVo;
import com.luoyuanxiangvip.common.annotation.Logs;
import com.luoyuanxiangvip.common.constant.Constant;
import com.luoyuanxiangvip.common.exception.ExpiredException;
import com.luoyuanxiangvip.common.exception.InvalidException;
import com.luoyuanxiangvip.common.holder.RequestHolder;
import com.luoyuanxiangvip.common.utils.AjaxResult;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiImplicitParam;
import io.swagger.annotations.ApiOperation;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authz.annotation.RequiresAuthentication;
import org.apache.shiro.subject.Subject;
import org.springframework.web.bind.annotation.*;

import javax.annotation.Resource;
import javax.validation.Valid;

/**
 * <p>
 * 登陆接口
 * </p>
 *
 * @author luoyuanxiang <p>luoyuanxiangvip.com</p>
 * @since 2019/5/27 10:17
 */
@RestController
@Api(description = "系统登陆")
public class LoginController {
    @Resource
    private JwtToken jwtToken;

    @ApiOperation(value = "用户登陆")
    @Logs
    @PostMapping("/login")
    public AjaxResult login(@Valid @RequestBody LoginVo loginVo) throws AuthenticationException {
        String encryptionPassword = Sha256Util.sha256(loginVo.getPassword(), loginVo.getUsername());
        String accessToken = jwtToken.generateToken(loginVo.getUsername(), encryptionPassword);
        AuthToken authToken = new AuthToken(accessToken);
        Subject subject = SecurityUtils.getSubject();
        subject.login(authToken);
        if (subject.isAuthenticated()) {
            JwtVo jwtVo = new JwtVo();
            long accessExpiration = jwtToken.getExpirationDateFromToken(accessToken).getTime();
            long createTime = jwtToken.getIssuedAtDateFromToken(accessToken).getTime();
            jwtVo.setAccessToken(accessToken)
                    .setAccessExpiration(accessExpiration)
                    .setCreateTime(createTime);
            return AjaxResult.success("登录成功",jwtVo);
        }
        return AjaxResult.error("登陆失败");
    }

    @ApiOperation(value = "登出")
    @PostMapping("/logout")
    @ResponseBody
    public AjaxResult logout() {
        return AjaxResult.success();
    }

    @ApiOperation(value = "获取用户信息")
    @GetMapping("/info")
    @ResponseBody
    @RequiresAuthentication
    @Logs
    @ApiImplicitParam(name = "token", value = "token", paramType = "query", required = true)
    public AjaxResult info(String token) {
        if (jwtToken.parseToken(token)) {
            throw new AuthenticationException(new InvalidException("token无效！"));
        }
        if (jwtToken.isTokenExpired(token)) {
            throw new AuthenticationException(new ExpiredException("token过期!"));
        }
        return AjaxResult.success("获取用户信息成功", RequestHolder.getSession().getAttribute(Constant.USER));
    }
}
